Looking Back on Cybersecurity Awareness Month and a 365 Day Outlook

Cybersecurity Awareness Month may be coming to a close, but we have already set our eyes on the future. The question is: How can we stay “security aware” year round and, more importantly, translate this awareness into actions that will help keep our companies secure?

Cybersecurity has never been more important than in the past few years. It seems that every week, a major new breach hits the news headlines, leaving every company more and more worried about whether they’re next. This month — National Cybersecurity Awareness Month — has been a great reminder to verify whether your security protocols and practices are up-to-date and effective. But with the state of things today, you can’t afford to stop there.

We believe that done right, security is a 24/365 operation. If you’ve been following our blog, you’ve learned that there are many ways to streamline and automate security so it doesn’t require an army to maintain.

In this post, we’re wrapping up our best pieces of advice for you so that every month going forward can be cybersecurity month at your company.

1. Implement Basic Security Hygiene

Hopefully this month, you have had time to re-evaluate where your security program stands and to fill in any gaps that you’ve detected. Security best practices are evolving as fast as threats themselves, so it’s always a good idea to take time to reflect on your security posture to see whether it’s doing the job. But you can’t forget that, in order to have good security, you first need to practice basic security hygiene.

In 12 Low-Cost Cloud Security Practices With Big Payoffs, our VP of Engineering, Chris Gervais, walks through the three buckets of your IT infrastructure that need to be locked down and monitored before moving on to more advanced techniques. These are low-cost techniques that can have a big payoff. Read the full post here.

2. Automate Detection

Years ago, the big focus in security was on prevention. Today, that’s no longer effective. With infrastructure moving to single-cloud, multi-cloud, hybrid, and containerized environments, there are no longer defined perimeters from which you can secure your entire organization. In the cloud, the attack surface is virtually limitless, so you need the ability to detect threats once they get in (because they will).

This is where intrusion detection comes in. Ideally, you want your intrusion detection platform (IDP) to be integrated at the host layer because this gives the greatest visibility into activity anywhere in your environment. Using a host-based intrusion detection platform, you can automate detection, ensuring that security is on and active 24/365.

3. Get Budget Buy-in Early

Just a few years ago, security was often viewed as a necessary cost of doing business (maybe even as a necessary evil). Anyone outside of security didn’t understand the value of investing in it, and so it was frequently left off the budget and priority list. A frustrating state of affairs in the best case, a dangerous one at the worst. Today, many CFOs are changing their views about security, and you can hear firsthand from Kevin Durkin, Threat Stack’s CFO, how he learned to see the value in security.

In 5 Security Blogs Your CFO Needs to Read, Kevin discusses ways to get finance on board with the security plan and budget so that it’s never a surprise and is prioritized along with everything else going on in the business. Having this conversation early will make your job a lot easier. Read our CFO’s advice.

4. Integrate Security Into DevOps Workflows

For most companies, speed can be a huge competitive advantage. As fast as companies are developing and updating products, services, and features, security needs to keep pace. Traditionally, security was introduced at the end of a product development cycle, and thereby slowed down time to market. In response, ops and engineering teams frequently went around security as a way of staying on schedule, but if these breaches are any indication, this is not a smart strategy.

By integrating security into the same workflows as operations and development, security can move at the speed of dev and ops, without slowing processes down. Solutions like Threat Stack are specifically designed to integrate with dev and ops tools like PagerDuty, Chef, Docker, Slack, and VictorOps, among others. With intrusion detection integrated with the very tools responsible for releasing code and maintaining infrastructure, security gains a level of visibility that was previously impossible. This means security can move as fast as development and operations, and all teams can work together in unison.

On To 2018

While 2017 put a spotlight on many companies for lacking critical security measures, Cybersecurity Awareness Month has made us aware that:

  • As individuals and as organizations (think Equifax), we are all potentially vulnerable to attacks.
  • Security cannot be taken for granted.
  • The responsibility for security is ours.

Whether we are teaching employees about phishing scams, making sure configurations adhere to AWS standards, or keeping patches up to date, it’s up to us to translate security awareness into action.

If automating security and gaining 360-degree visibility of your fast-moving cloud, hybrid, or containerized environment sounds like where you want to be, feel free to contact us for a demo.

Resources

If you’d like guidance on assessing your current security posture or developing a security strategy that’s right for your company, take a look at the following resources.
